Download - Privacy by Default - IA Summit 2017
Lutz Schmitt - Twitter: @luxux - IA Summit 2017 - VancouverPRIVACY BY DEFAULT
illustration by Lutz Schmitt – licensed under cc-by-nd 4.0
A CONCEPT FOR PRIVACY IN A WORLD WITH THE INTERNET OF THINGSPRIVACY BY DEFAULT
illustration by Lutz Schmitt – licensed under cc-by-nd 4.0
Missing parts for a world with ambient
intelligence, that I would
want to live in.
PREAMBLE
SECURITY IS FUNDAMENTALit isn‘t really worth talking about privacy
in an insecure environment
IT‘S ALL ABOUT SOCIETYand how technology is used to help shaping it.
AND IT‘S ABOUT BUSINESS
https://twitter.com/MetroUK/status/776150782194376704
ABOUT PRIVACY
you VERSUS the others
THE RIGHT TO BE LET ALONEThe Right to Privacy (Brandeis & Warren)
Harvard Law Review, 15 Dec 1890
1. The right to privacy does not prohibit any
publication … which is of public … interest
4. The right to privacy ceases upon the
publication of the facts by the individual,
or with his consent.
LIMITATIONS TO THE RIGHT TO PRIVACY
Would you hand over your Facebook-Login to a stranger?
Photo by Beatrice Murch on flickr. Licensed under cc-by-sa 2-0
At JFK Airport Immigration you will.
Would you hand over your Facebook-Login to a stranger?
you AND the others
Alan Westin in Privacy and Freedom, 1968
STATES OF PRIVACYaccording to Alan Westin
SOLITUDE privacy of individuals
INTIMACY privacy of groups
ANONYMITY unidentifiability in public
RESERVE (psychological) barriers / resilience
STATES OF PRIVACYaccording to Alan Westin, extended by me
SOLITUDE privacy of individuals
INTIMACY privacy of groups
ANONYMITY unidentifiability in public
RESERVE (psychological) barriers / resilience
PSEUDONYMITY choice of identification
No one shall be subjected to arbitrary
interference with his privacy, family, home or
correspondence, nor to attacks upon his
honour and reputation. Everyone has the right
to the protection of the law against such
interference or attacks.
Article 12
Universal Declaration of Human Rights
http://www.un.org/en/universal-declaration-human-rights/
ABOUT THE
INTERNET
THE INTERNET
IS BROKEN.
photo by Wally Gobetz on flickr.com licensed under cc-by-nc-nd 2.0
the internet is not a public place
Facebook isMark Zuckerberg‘s living room.
photo by Danny Howard on flickr.com licensed under cc-by-nc 2.0
His living room, his rules.
photo by Wally Gobetz on flickr.com licensed under cc-by-nc-nd 2.0
the internet is not freeneither as in freedom, nor as in free beer
remember the fight fornet neutrality?
photo by NewbleRunner on flickr.com licensed under cc-by-sa 2.0
and it‘s getting worsewith the Internet of Things
ABOUT
THE INTERNET
OF THINGS
photo by Philips. Released as press material. All rights reserved.
Remote controlling your lightbulbs,is not the IoT. It‘s remote controlling your lightbulbs.
photo by revolv. Press material.
are not the Internet of Things. That‘s just DRM for the physical world.
devices that need a cloud connection
Source: https://www.hackread.com/samsung-smart-tv-listening-conversations/
illustration by Lutz Schmitt published under cc-by-nc 4.0
we have reached zero effective cost
THE VISION FOR THE
INTERNET OF THINGS
THAT HOOKED ME
computers begin to be inseperably weavedinto the fabric of our physical reality
illustration by Lutz Schmitt published under cc-by-nc 4.0
photo by Sarah Leo on flickr.com – licensed under cc-by-sa 2.0
Mark Weiser, The Computer for the 21st Century, 1991
SOME ISSUESTHAT NEED TO BE SOLVED
ISSUE #1
a friend, on how to use smartphones and stay private
AMBIENT INTELLIGENCE WON‘T COME WITH A POWER BUTTON
photo by Juan Ignacio Sánchez Lara on flickr. Licensed under cc-by-nc-sa-2
WHAT MEANS OF CONTROL CAN BE ESTABLISHEDIf shutting down is no option anymore?
Still from 2001: A Space Odyssey. Source: https://youtu.be/l2c_rSLXq6U
ISSUE #2
we need to trust and believethe more technology develops, the less we are able understand
photo 7th gen Intel Core die by Intel Corp. Source: Presskit release on 2017-01-03
Arthur C. Clarke, Hazards of Prophecy, 1962
Still from Her. Source: Press material.
How do we design this magic reality,that people mustn‘t fear it, but are empowered?
ISSUE #3
decisions and setups all the timemay it be an app, a website, a washing machine or else
teaching and answering computersis a sisyphean task already
HOW CAN WE AVOID
INTERACTIONOVERLOAD
?
ISSUE #4
the IoT is dissolving our placesand meanings of the physical world
Photo by Deraman Uskratzt on flickr.com. Licensed under cc-by-sa 2.0.
How must we architect the virtual dimension of things and places,that our perception of reality won‘t be broken?
ISSUE #5
mass surveillance is a realityand those in control are not willing to let it go
Photo by Jeremy Brooks on flickr.com. Licensed under cc-by-nc 2.0.
Screenshot. Source: the internet
between individual interests and those of corporations, governments and the public
WE LACK BALANCE
HOW CAN WE ESTABLISH A FAIR BALANCE,instead of increasing the unequality?
PRECONDITIONS FOR THE
INTERNET (OF THINGS)
TO HAVE ANY KIND OF
PRIVACY AT ALL.
TECHNOLOGY
MUST BESECURE
THE NETWORK
MUST BEPUBLIC
EVERYTHING
IDENTIFIABLEMUST BE
COMMUNICATION
REFUSABLEMUST BE
A PERSON‘S INTENT
KNOWNMUST BE
A CONCEPT FOR PRIVACY IN A WORLD WITH THE INTERNET OF THINGSPRIVACY BY DEFAULT
illustration by Lutz Schmitt – licensed under cc-by-nd 4.0
INTRODUCINGIDENTITY
IDENTITY IS WHO WE AREto ourselves and to others
WE HAVE MANY IDENTITIESfriend, professional, internet troll, public speaker, …
PSEUDOIDENTITIES
COREIDENTITY
PUBLICIDENTITY
FACTUALIDENTITIES
UNIQUE TRUE SELF
GENERAL PUBLIC APPEARANCE
CONTEXTUAL TRUE SELVES
CONTEXTUAL PRETENDED SELVES
unverifyable & questionable
verifyable & trustworthy
PSEUDOIDENTITIES
COREIDENTITY
PUBLICIDENTITY
FACTUALIDENTITIES
PSEUDOIDENTITIES
COREIDENTITY
PUBLICIDENTITY
FACTUALIDENTITIES
A HUMAN PERSON‘S IDENTITY SET
this identity model is the basic rule setto define our virtual behaviour and representation and
that allows to manage different situations
EVERYBODY AND EVERYTHINGNEEDS AN IDENTITY STRUCTURE
staterepresentation
companies & organisations
artificialintelligences
objects
animals
places
THE WHOLE COMMUNICATION CHAIN IDENTIFIABLE
EVERYTHING IS OWNED BY PERSONS
THE WHOLE COMMUNICATION CHAIN IDENTIFIABLE
COMMUNICATION IS ALWAYS BETWEEN PERSONS
IDENTITIES REACT ON THE CONTEXT
INTRODUCINGPRIVACY SPHERESThe boundaries of communication
PUBLIC
RESERVED
INTIMATE
PERSONAL ONLY YOU
WITH ACTIVE GRANT
WITH PASSIVE GRANT
EVERYBODY
privacy spheres
INTIMATE RESERVED PUBLICPERSONAL
secretdiary
pictures from last night
employeeID
granthomeaccess
homeaccess
pseudocontactdetails
geolocation
shirt‘sproductinfo
workcontactdetails
coffeemaker‘sfill status
shirt‘suniqueID
THATpictures
bitcoinvallet
by default similar data may not be exposedto a more open level of privacy,
without the person‘s intent.
INTIMATE RESERVED PUBLICPERSONAL
diaryentry 1
diaryentry 2
EVERY IDENTITY HAS A DEFAULT,where data or rights are located
INTIMATE RESERVED PUBLICPERSONAL
right tomanageuse
right touse
sensordata
uniqueID
objectinfo
combining identity and privacy spheres
INTIMATE RESERVED PUBLICPERSONAL
UID24298723459
MADAMEPOMPADILLE
HR42CHOPKINS
PUBLIC IDENTITY
INTIMATE RESERVED PUBLICPERSONAL
UID24298723459right tomanageuse
right touse
sensordata
uniqueID
objectinfo
INTIMATE RESERVED PUBLICPERSONAL
UID24298723459right tomanageuse
right touse
sensordata
uniqueID
objectinfo
IDENTITYCOMMUNICATION
INTIMATE RESERVED PUBLIC INTIMATERESERVED
OK, but rules apply
INTIMATE RESERVED PUBLIC INTIMATERESERVED
person’s active grant needed
INTIMATE RESERVED PUBLIC INTIMATERESERVED
no response at all
INTIMATE RESERVED PUBLIC INTIMATERESERVED
“I CREATED THE WWW TO CONNECT PEOPLE NOT MACHINES“
Sir Tim Berners-Lee
CONCLUSION
privacy is vital to societyand a human right to everyone
the IoT will happenand this is a great thing
we need to solve those privacy issuesand I‘m sure we can
photo by mere41782 on flickr.com – licensed under cc by nd 2.0
LET US BUILD A MAGIC FUTURE,
NOT A DYSTOPIA.
THANK YOU.
@luxux www.lutzschmitt.comPhoto by Rick Schwartz on flickr.com. Licensed under cc-by-nc 2.0.